Can not use X-Forwarder-host for precision monitoring

Document ID : KB000110665
Last Modified Date : 10/08/2018
Show Technical Document Details
Introduction:
LAC (Live API Creator) is proxied via the API Gateway. The route takes places on a load balancer url https://lac. this load balances to lac1 and lac2 
In the LAC there are scripts which do restGet and restPost that use req.baseURL, this is affected by the value put in x-forwarded-host and x-forwarded-port 
Hence using any of the parameter make the internal javascript fail. so we cannot use x-forwarded-host or x-forwarded-port as required by APM. 
 
Question:
Hi LAC (Live API Creator) is proxied via the API Gateway. The route takes places on a load balancer url https://lac. Tthis load balances to lac1 and lac2 In the LAC the are scripts which do restGet and restPost that use req.baseURL, this is affected by the value put in x-forwarded-host and x-forwarded-port Hence using any of the parameter make the internal javascript fail. so we cannot use x-forwarded-host or x-forwarded-port as required by APM.

 
Environment:
API Gateway 9.3 CR02 
API-M 3.3 
APM 10.7 HF3 
Answer:

To overcome the above error, we used the following workaround: 

1. Added X-Forwarded-Host : ${gateway.lac.host} [added the loadbalancer hostname] 
2. Added X-Forwarded-Port : ${gateway.lac.port} [added the loadbalancer port] 
3. Added X-Forwarded-For : ${request.tcp.remoteAddress} 


Task done. 
1. Using LAC endpoint as the hostname and port end up giving a map pointing to only 1 lac server 
2. With trial an error we did the following and the only solution that worked giving us a drill down analysis was 
2.1. Add xforwarded for :- remote ip, xforwarded host:- localip and xforwarded port as localport 
2.2. tweat logic on lac to make rest calls via localhost:8080 
2.3. Re-Write call back and next urls base on individual server 

So one of the questions was: 
1. In the introscope if we use forwared for only instead of forwaredfor and forwarded host. we dont see a serious mapping. 
2. When there is a correaltion id why is there a need for Xforwared host and port.. doesnt the correlation id work because this id is UNIQUE.

 
Additional Information:
>> 1. In the introscope if we use forwared for only instead of forwaredfor and forwarded host. we dont see a serious mapping. 

If the request includes one or more Forwarded header, it should affect the URLs in the response. For instance, as request with the header: 

Forwarded: host=foobar.com;proto=https 

will result in a response using these in the URLs, e.g.: 

"href": "https://foobar.com/rest/default/wsvqr/v1/main:Album/1", 
"checksum": "A:00cfb2256987be74", 
"links": [ 

"href": "https://foobar.com/rest/default/wsvqr/v1/main:Track?sysfilter=equal('AlbumId':1)", 
"rel": "children", 
"role": "Track_List", 
"type": "urn:caliveapicreator:main:Track" 


If this is not working correctly, please verify that the headers are specified properly. If it still does not work as expected, please let us know and we can investigate. The best way to report this type of problem would be a simple Java or JavaScript program that makes a call to one of the APIs that ship with LAC and demonstrates the problem. That would allow us to reproduce the problem in the lab. If we can reproduce it, we can fix it very quickly. 

>> 2. When there is a correaltion id why is there a need for Xforwared host and port.. doesnt the correlation id work because this id is UNIQUE 

I'm a little confused by this question. Are you asking why you need to authenticate a secondary request even though it has a X-Correlation-Id header? Such a header is not sufficient for authentication. 
The purpose of the correlation ID is typically to track a request through a set of services, so I'm not following why it would affect the Forwarded header issue. 

When making the calls on localhost:8080, can you not add a Forwarded or X-Forwarded-Host header to avoid having to translate the URLs in the response?